b923e93612ee7a3fba02e351a685adf7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b923e93612ee7a3fba02e351a685adf7_JaffaCakes118
Size

604KB
MD5

b923e93612ee7a3fba02e351a685adf7
SHA1

3c3c16cb0612eafdf4d5c857d7d0601e4f0bbd20
SHA256

0dd1f7f511164b3ac0e4f6cc07ee4fe7215b16f83cad385c19f7df3666641aaa
SHA512

42e7876766684bce1eec15dad9f76c922a8759a2d2cea3baeae52b514cac060405d81b8c956d139544b75b521f66413db842f58e9771f397a2c9dd1670dcf671
SSDEEP

12288:3KxdmMebHJzSh1CQDj7tuJi4tpm7EnGEim5Oq/O/GhuZ34azJNkI0:6xdmMebFSh11gt/QEKbd4Cn0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b923e93612ee7a3fba02e351a685adf7_JaffaCakes118

Files

b923e93612ee7a3fba02e351a685adf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2acfcdf72674f18e8c1b85c84e710957

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetFileAttributesA
FindFirstFileA
LocalAlloc
_lopen
GetFileSize
GetProcAddress
GetCommandLineA
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
RaiseException
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetSystemDefaultLangID
GetStartupInfoA
GetModuleHandleA
GetLastError
HeapAlloc
HeapFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
CloseHandle
WriteFile
lstrcpyA
CreateFileA
CreateDirectoryA
GetWindowsDirectoryA
GetLocalTime
LocalHandle
LocalFree
_lclose
FreeLibrary
lstrlenA
GetPrivateProfileStringA
GetCurrentDirectoryA
OpenFile
LoadLibraryA
_lread
lstrcmpiA
CopyFileA
ReadFile
SetFilePointer
GlobalHandle
DeleteFileA

user32

wsprintfA
GetMenu
SetWindowTextA
EndPaint
BeginPaint
EnableWindow
PostMessageA
SetTimer
SetWindowPos
GetWindow
ReleaseDC
LoadBitmapA
EnableMenuItem
SetDlgItemTextA
TranslateMessage
PeekMessageA
DefWindowProcA
TrackPopupMenu
PtInRect
IntersectRect
WinHelpA
DialogBoxParamA
SetCursor
LoadCursorA
UpdateWindow
InvalidateRect
GetWindowRect
SetDlgItemInt
CheckRadioButton
IsDlgButtonChecked
SendDlgItemMessageA
KillTimer
BringWindowToTop
EndDialog
GetFocus
MessageBoxA
SetRect
GetDC
DispatchMessageA
ModifyMenuA
RegisterClassExA
GetDlgItem
SendMessageA
CreateWindowExA
ShowWindow
GetDesktopWindow
FindWindowA
LoadIconA
PostQuitMessage
DestroyWindow
GetMessageA
UnregisterClassA
GetSubMenu

gdi32

GetStockObject
DeleteObject
CreatePen
BitBlt
SelectObject
DeleteDC
GetObjectA
GetDeviceCaps
CreateCompatibleDC
CreateDIBitmap
TextOutA
MoveToEx
GetDIBits
SetBkMode
LineTo

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHAppBarMessage

avifil32

AVIStreamGetFrameOpen
AVIStreamGetFrame
AVIStreamReadFormat
AVIFileInit
AVIFileExit
AVIStreamStart
AVIStreamLength
AVIFileGetStream
AVIStreamInfoA
AVIFileCreateStreamA
AVIStreamRead
AVIFileRelease
AVIStreamGetFrameClose
AVIStreamWrite
AVIFileOpenA
AVIStreamSetFormat
AVIStreamRelease

msvfw32

ICLocate
ICImageDecompress
ICClose

comctl32

ImageList_LoadImageA
CreateToolbarEx
ImageList_Create
InitCommonControlsEx
ImageList_Destroy

winmm

mmioRead
mmioClose
mmioFlush
mciSendCommandA
mmioSetInfo
mmioSeek
mmioAdvance
mmioGetInfo
mmioCreateChunk
mmioWrite
mmioOpenA
mmioDescend
mmioAscend

japi

_Init_JPEG_Decompressor@4
_Start_JPEG_Decompress@16
_End_JPEG_Decompress@0
_Close_JPEG_Decompressor@0
_Decompress_One_Line@4

japi2

_Start_JPEG_Decompress_IJG@16
_Decompress_One_Line_IJG@4
_Close_JPEG_Decompressor_IJG@0
_End_JPEG_Decompress_IJG@0
_Init_JPEG_Decompressor_IJG@4

Exports

Exports

Acquire
CheckTwainInterface
InitTwain
SelectSource

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2acfcdf72674f18e8c1b85c84e710957

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

avifil32

msvfw32

comctl32

winmm

japi

japi2

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 36KB - Virtual size: 605KB

.rsrc Size: 448KB - Virtual size: 448KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 36KB - Virtual size: 605KB

.rsrc
Size: 448KB - Virtual size: 448KB